What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-11-20 01:12:15 | Fintech Giant Finastra Investigating Data Breach (lien direct) | The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world\'s top 50 banks, notified customers of a potential breach after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world\'s top 50 banks, notified customers of a potential breach after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. |
Data Breach | ★★ | |
 |
2024-11-19 17:17:29 | German court says victims of massive Facebook data breach can be compensated (lien direct) | According to a statement from the German Federal Court of Justice (BGH), users can claim around €100 ($105) for the breach even if the data obtained by the hackers wasn\'t misused or caused any harm.
According to a statement from the German Federal Court of Justice (BGH), users can claim around €100 ($105) for the breach even if the data obtained by the hackers wasn\'t misused or caused any harm. |
Data Breach | ★★★ | |
 |
2024-11-19 15:09:14 | Ford rejects breach allegations, says customer data not impacted (lien direct) | Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. [...]
Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. [...] |
Data Breach Threat | ★★ | |
 |
2024-11-19 14:00:00 | Communication platforms play a major role in data breach risks (lien direct) | >Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools. When it comes to cybersecurity, communicating means more than just talking to another person; it includes any […]
>Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools. When it comes to cybersecurity, communicating means more than just talking to another person; it includes any […] |
Data Breach Tool | ★★ | |
 |
2024-11-18 23:58:08 | Ford \\'actively investigating\\' after employee data allegedly parked on leak site (lien direct) | Plus: Maxar Space Systems confirms employee info stolen in digital intrusion Ford Motor Company says it is looking into allegations of a data breach after attackers claimed to have stolen an internal database containing 44,000 customer records and dumped the info on a cyber crime souk for anyone to "enjoy."…
Plus: Maxar Space Systems confirms employee info stolen in digital intrusion Ford Motor Company says it is looking into allegations of a data breach after attackers claimed to have stolen an internal database containing 44,000 customer records and dumped the info on a cyber crime souk for anyone to "enjoy."… |
Data Breach | ★★ | |
|
2024-11-18 15:59:42 | US space tech giant Maxar discloses employee data breach (lien direct) | Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals. [...]
Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals. [...] |
Data Breach | ★★★ | |
 |
2024-11-13 09:59:27 | Inside the DemandScience by Pure Incubation Data Breach (lien direct) | Apparently, before a child reaches the age of 13, advertisers will have gathered more 72 million data points on them. I knew I'd seen a metric about this sometime recently, so I went looking for "7,000", which perfectly illustrates how unaware we are of the
Apparently, before a child reaches the age of 13, advertisers will have gathered more 72 million data points on them. I knew I'd seen a metric about this sometime recently, so I went looking for "7,000", which perfectly illustrates how unaware we are of the |
Data Breach | ★★★ | |
 |
2024-11-13 06:07:56 | An Easy Fix for the Complex Problem of Email Misdelivery: Proofpoint Adaptive Email DLP (lien direct) | In our increasingly digital world, email remains a primary mode of communication. It is also a fundamental tool for getting work done as people work remotely everywhere. However, it also poses some big risks-namely, it\'s easy to send emails to the wrong person. And that means sensitive information can find itself in the wrong hands. Today, misdirected emails are the No. 1 email data loss issue. It causes organizations to experience data breaches, which can mean expensive regulatory fines and brand damage. And it means that they lose valuable intellectual property (IP) and productivity, too. As organizations continue to grapple with this issue, it has become essential to integrate behavioral AI into email security tools to mitigate these risks. In this blog post, we\'ll take a closer look at this widespread issue-and how Proofpoint Adaptive Email Data Loss Prevention (DLP) can help. Misdirected emails are a major issue Misdirected emails occur for various reasons: simple typos in email addresses, confusion over similar names or misjudging a recipient\'s context. While all these issues seem innocent enough, the repercussions can be significant. Misdirected emails are the leading cause of email data loss today. Just look at these statistics: The Verizon 2024 Data Breach Investigation Report indicated that Insider threats represent 30-40% of data breaches in any given year. The UK Information Commissioners Office (ICO) security trend report shows that misdirected emails have been the No. 1 reported incident type for the last four years. According to Proofpoint research, 33% of employees send 1-2 misdirected emails per year. Proofpoint Adaptive Email DLP to the rescue As someone who\'s worked in technology and cybersecurity for over 15 years, I can say I\'ve never seen a technology solution-specifically a cybersecurity solution-garner as much excitement and demand as Adaptive Email DLP. Why? Because it solves an incredibly complex problem, and it does so quickly and easily with very little administrative oversight. But don\'t just take my word for it. Listen to Patric Versteeg who\'s a CISO at Viterra and has worked in cybersecurity for over 25 years; he said it best. What follows are a few highlights from his comments about using our solution. It\'s highly effective and causes minimal user disruption “If you look at other products, you need a lot of tuning, and there are a lot of false positives. And if you need to implement another policy, it\'s just a lot of work,” said Versteeg. Adaptive Email DLP uses our industry-proven Proofpoint Nexus® Relation Graph. It leverages superior datasets-including over 12 months of email data-to make its predictions with high efficacy. It can be seamlessly integrated into daily workflows without compromising on security or disrupting end-users. Time to value is fast When it came to the ease of deploying Adaptive Email DLP, here\'s how Versteeg summed up his experience: “It\'s so important to not stress out IT operations too much. And Adaptive Email DLP delivered just that. No drawn-out implementation time. No false positives. [It] just works out of the box. Start and run. Brilliant!” In as little as 48 hours, Adaptive Email DLP automatically prevents data loss with minimal or ongoing configuration required. Contextual warnings empower users to correct mistakes before they happen. This reduces risk and post-breach remediation work. Protect your organization with Adaptive Email DLP At a time when data loss from misdirected emails is all too common, Adaptive Email DLP makes it easy to protect your organization. It\'s a powerful solution that\'s easy to deploy and use. With it, you can significantly mitigate the risks associated with misdirected emails as well as emails that are sent to unauthorized accounts. By combining advanced Proofpoint Nexus behavioral AI, machine learning and supe | Data Breach Tool Prediction | ★★ | |
 |
2024-11-13 03:21:48 | The Rising Cost of Cybersecurity: How Companies Can Effectively Communicate the Value of Protection (lien direct) | Data shows that financial motivation is a huge incentive for threat actors, which explains the rising prevalence of ransomware and other extortion breaches in the corporate world. In 2023 alone, business email compromise (BEC) complaints received by the FBI amounted to over 2.9 billion. Source This situation highlights an uncomfortable truth that has become clearer over the years: cybersecurity is no longer just about technology-it\'s about the very survival of a business. According to IBM\'s 2024 Cost of a Data Breach Report, the global average total cost of a data breach reached $4.88 million...
Data shows that financial motivation is a huge incentive for threat actors, which explains the rising prevalence of ransomware and other extortion breaches in the corporate world. In 2023 alone, business email compromise (BEC) complaints received by the FBI amounted to over 2.9 billion. Source This situation highlights an uncomfortable truth that has become clearer over the years: cybersecurity is no longer just about technology-it\'s about the very survival of a business. According to IBM\'s 2024 Cost of a Data Breach Report, the global average total cost of a data breach reached $4.88 million... |
Ransomware Data Breach Threat | ★★★ | |
 |
2024-11-11 21:31:13 | Halliburton reste optimiste au milieu des pertes de violation de données de 35 millions de dollars (lien direct) | Bien que son rapport sur les gains du troisième trimestre confirme que la société reste sur la bonne voie, elle ne sait pas comment cela sera affecté si les acteurs de la menace commettent d'autres dommages.
Though its third-quarter earnings report confirms that the company remains on track, it\\\\\\\\\\\\'s unclear how that will be affected if the threat actors commit further damage. |
Data Breach Threat | ★★★ | |
|
2024-11-11 16:23:49 | HIBP informe 57 millions de personnes de violation de données sur le sujet chaud (lien direct) | Ai-je été averti par une violation de données présumée exposée les informations personnelles de 56 904 909 comptes pour les clients chauds du sujet, de la boîte et des clients torrides. [...]
Have I Been Pwned warns that an alleged data breach exposed the personal information of 56,904,909 accounts for Hot Topic, Box Lunch, and Torrid customers. [...] |
Data Breach | ★★★ | |
|
2024-11-11 14:10:58 | Amazon confirme la violation des données des employés après le piratage du fournisseur (lien direct) | Amazon a confirmé qu'une violation de données impliquant des informations sur les employés après les données qui auraient été volées au cours des attaques Moveit de mai 2023 ont été divulguées sur un forum de piratage. [...]
Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. [...] |
Data Breach Hack | ★★★ | |
 |
2024-11-09 11:30:00 | Les iPhones à réapprovisionnement automatique provoquent le chaos pour les flics Auto-Rebooting iPhones Are Causing Chaos for Cops (lien direct) |
Plus: Hot Topic confirme une violation des données des clients, l'Allemagne arrête un citoyen américain pour avoir prétendument transmis des secrets militaires aux renseignements chinois, et plus encore.
Plus: Hot Topic confirms a customer data breach, Germany arrests a US citizen for allegedly passing military secrets to Chinese intelligence, and more. |
Data Breach | ★★★ | |
|
2024-11-07 14:00:00 | Explorer Dora: comment gérer les incidents des TIC et minimiser les risques de cyber-menace Exploring DORA: How to manage ICT incidents and minimize cyber threat risks (lien direct) |
> Alors que les violations de la cybersécurité continuent d'augmenter à l'échelle mondiale, les institutions gantant les informations sensibles sont particulièrement vulnérables.En 2024, le coût moyen d'une violation de données dans le secteur financier a atteint 6,08 millions de dollars, ce qui en fait le deuxième coup le plus difficile après les soins de santé, selon le coût en 2024 de l'IBM en 2024 d'un rapport de violation de données.Cela souligne la nécessité de la robuste [& # 8230;]
>As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM’s 2024 Cost of a Data Breach report. This underscores the need for robust IT […] |
Data Breach Threat Medical | ★★★ | |
|
2024-11-07 13:24:16 | Nokia dit que les pirates ont divulgué le code source de l'application tiers Nokia says hackers leaked third-party app source code (lien direct) |
L'enquête de Nokia \\ sur les réclamations récentes d'une violation de données a révélé que le code source divulgué sur un forum de pirate appartient à un tiers et aux données de l'entreprise et des clients n'a pas été touché.[...]
Nokia\'s investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party and company and customer data has not been impacted. [...] |
Data Breach | ★★★ | |
|
2024-11-07 07:18:44 | Arrêt de cybersécurité du mois: prévenir le compromis des e-mails du fournisseur dans le secteur public Cybersecurity Stop of the Month: Preventing Vendor Email Compromise in the Public Sector (lien direct) |
The Cybersecurity Stop of the Month blog series explores the ever-evolving tactics of today\'s cybercriminals. It also examines how Proofpoint helps businesses to fortify their email defenses to protect people against today\'s emerging threats. The interconnectedness of today\'s business ecosystems has created a prime target for attacks on digital supply chains. Within those supply chains, email remains the No.1 vector to access people and poses a major risk. According to our research, more than 80% of Proofpoint customers receive an email attack each month from a trusted vendor or supplier. And these attacks can be quite costly. Based on IBM\'s Cost of a Data Breach report, the average financial loss from a data breach that involves the supply chain tops $4.8 million. Unlike native and API-based email security tools, Proofpoint regularly stops these highly targeted attacks before they reach employee inboxes. If you\'ve been following this series, you will have seen in earlier blog posts that we\'ve covered many different types of supply chain attacks. We\'ve seen attackers targeting the legal, manufacturing, aviation industries and more with complex impersonation and vendor email compromise techniques. Today, we\'ll explore a phishing attack on a public sector agency, which was disguised as an electronic fax (eFax). Background In this example, bad actors exploited a supplier\'s email through vendor email compromise. This occurs when an attacker gains access to and weaponizes an email account of a smaller business partner instead of going directly after a bigger, more secure organization. This can be a very effective tactic. Attackers know that larger organizations typically have better resources, bigger budgets and more mature cybersecurity defenses to keep them out. When this tactic is combined with credential phishing, attackers are able to trick even the savviest recipients. In fact, Proofpoint research shows that employees are 3X more likely to click on a phishing link when it comes from a trusted partner. That\'s not only because there\'s an inherent trust between senders. It\'s also due to the fact that threat actors may use legitimate file hosting services and extremely convincing fake login sites to spoof well-known brands. The scenario Proofpoint recently detected this potent combination of threats during a customer\'s initial evaluation process. This threat was started by a cybercriminal who gained access to the email account of a marketing professor at a public university. With this access, the attacker sent a phishing link-which appeared to be an eFax-to the email address of a government agency\'s employee whom the university professor had previously communicated with. Because the employee was a known contact in the professor\'s inbox, the attacker was able to bypass many layers of security intended to catch such threats. As with many vendor email compromise attacks, this threat was specific, highly targeted and unique to the sender. Because Proofpoint has extensive global email visibility and insights, we were able to see that the same phishing link was delivered to less than 40 other accounts worldwide. Notably, the phishing link was hosted by a legitimate, well-known file sharing website. As a result, it was missed by this agency\'s Microsoft 365 native email security tool, which lacks comprehensive URL sandboxing capabilities. And because of the extended nature of this attack chain, it was further missed by an API-based security tool after it was delivered. Fortunately, Proofpoint detects and blocks phishing messages before they ever reach a user\'s inbox. If this customer had been using Proofpoint, its employees would never have been exposed to the account takeover risk. The threat: How did the attack happen? Here\'s a breakdown of the attack. 1. Setting a lure. To set the trap, the attacker created a highly stylized message that looked like an | Data Breach Malware Tool Threat Medical Cloud | ★★ | |
|
2024-11-06 18:50:50 | Nokia: Aucune preuve jusqu'à présent que les pirates ont violé les données de l'entreprise Nokia: No Evidence So Far That Hackers Breached Company Data (lien direct) |
Le fabricant d'appareils mobiles continue d'enquêter sur les affirmations d'Intelbroker \\ d'une autre violation de données de haut niveau, le groupe cybercriminal publiant sur les données internes de BreachForums qui auraient été volées à Nokia par le biais d'un entrepreneur tiers.
The mobile device maker continues to investigate IntelBroker\'s claims of another high-profile data breach, with the cybercriminal group posting on BreachForums internal data allegedly stolen from Nokia through a third-party contractor. |
Data Breach Mobile | ★★★ | |
 |
2024-11-05 17:11:52 | Canada Arrestations Soupçonnées de pirate liée aux infractions aux données de flocon de neige Canada Arrests Suspected Hacker Linked to Snowflake Data Breaches (lien direct) |
Les autorités canadiennes arrêtent un suspect lié à la violation de données de flocon de neige, exposant des vulnérabilités dans les infrastructures cloud.La brèche & # 8230;
Canadian authorities arrest a suspect linked to the Snowflake data breach, exposing vulnerabilities in cloud infrastructure. The breach… |
Data Breach Vulnerability Cloud | ★★ | |
|
2024-11-05 14:00:00 | Pénurie de compétences directement liée à la perte financière des violations de données Skills shortage directly tied to financial loss in data breaches (lien direct) |
> L'écart de compétences en cybersécurité continue de s'élargir, avec de graves conséquences pour les organisations du monde entier.26,2% augmentation par rapport à l'année précédente.Et c'est cher.Ce déficit de compétences ajoute en moyenne 1,76 million de dollars en [& # 8230;]
>The cybersecurity skills gap continues to widen, with serious consequences for organizations worldwide. According to IBM’s 2024 Cost Of A Data Breach Report, more than half of breached organizations now face severe security staffing shortages, a whopping 26.2% increase from the previous year. And that’s expensive. This skills deficit adds an average of $1.76 million in […] |
Data Breach | ★★★ | |
 |
2024-11-05 10:38:00 | Le suspect canadien a été arrêté pour une violation de données de flocon de neige et des attaques d'extorsion Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks (lien direct) |
Les autorités canadiennes de l'application des lois ont arrêté une personne soupçonnée d'avoir mené une série de hacks découlant de la violation de la plate-forme d'entreposage des données cloud Snowflake plus tôt cette année.
L'individu en question, Alexander "Connor" Moucka (alias Judische et Waifu), a été appréhendé le 30 octobre 2024, sur la base d'un mandat d'arrêt provisoire, à la suite d'une demande par la
Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander "Connor" Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the basis of a provisional arrest warrant, following a request by the |
Data Breach Legislation Cloud | ★★ | |
 |
2024-11-05 06:45:03 | 500 000 personnes touchées dans la violation des données de Columbus, suivie d'un procès contre le chercheur en sécurité 500,000 Affected in Columbus Data Breach, Followed by Lawsuit Against Security Researcher (lien direct) |
En juillet 2024, la ville de Columbus, Ohio, a connu une attaque de ransomware qui a exposé les informations personnelles d'environ 500 000 résidents.Alors que les responsables ont rapidement mis les systèmes hors ligne pour contenir l'incident et ont déclaré que l'arrêt de l'attaque avant que le cryptage des ransomwares puisse être déployé, les données volées ont rapidement fait surface sur le Web Dark.La ville a ensuite déposé un [...]
In July 2024, the City of Columbus, Ohio, experienced a ransomware attack that exposed the personal information of approximately 500,000 residents. While officials quickly took systems offline to contain the incident and reported halting the attack before ransomware encryption could be deployed, stolen data soon surfaced on the dark web. The city later filed a [...] |
Ransomware Data Breach | ★★★ | |
 |
2024-11-04 14:04:11 | 210 000 touchés par la violation des données de l'Université Saint Xavier 210,000 Impacted by Saint Xavier University Data Breach (lien direct) |
> L'Université Saint Xavier notifie plus de 210 000 personnes de compromis d'informations personnelles dans une violation de données de juillet 2023.
>Saint Xavier University is notifying over 210,000 individuals of personal information compromise in a July 2023 data breach. |
Data Breach | ★★★ | |
|
2024-11-01 05:36:12 | Le bouclier invisible: au-delà de la cyber-protection enveloppante The Invisible Shield: Beyond Wrap-around Cyber Protection (lien direct) |
Les cyber-menaces évoluent à un rythme sans précédent.Les logiciels malveillants dirigés par l'IA, les schémas de phishing sophistiqués et les méthodes d'attaque adaptatifs dépassent les mesures de sécurité standard.Les défenses traditionnelles ne sont plus suffisantes.Les entreprises ont besoin d'un bouclier invisible qui offre une protection complète et proactive pour rester en avance.Des études récentes de l'industrie soulignent cette urgence.Cette année, le rapport sur les enquêtes sur les violations de données de Verizon de \\ souligne que les informations d'identification [...]
Cyber threats are evolving at an unprecedented pace. AI-driven malware, sophisticated phishing schemes, and adaptive attack methods are outmaneuvering standard security measures. Traditional defenses are no longer sufficient. Businesses need an invisible shield that offers comprehensive, proactive protection to stay ahead. Recent industry studies underline this urgency. This year\'s Verizon Data Breach Investigations Report highlights that credentials [...] |
Data Breach Malware Studies | ★★ | |
|
2024-10-31 11:19:29 | Mystic Valley Elder Services La violation des données a un impact sur 87 000 personnes Mystic Valley Elder Services Data Breach Impacts 87,000 People (lien direct) |
> Mystic Valley Elder Services a détecté une violation de sécurité en avril et affirme maintenant que les fichiers contenant des informations personnelles ont peut-être été volés.
>Mystic Valley Elder Services detected a security breach in April and now says files containing personal information may have been stolen. |
Data Breach | ★★ | |
|
2024-10-30 18:22:27 | Interbank confirme la violation des données après l'extorsion échouée, fuite de données Interbank confirms data breach following failed extortion, data leak (lien direct) |
Interbank, l'une des principales institutions financières du Pérou, a confirmé une violation de données après qu'un acteur de menace qui a piraté ses systèmes a divulgué des données volées en ligne.[...]
Interbank, one of Peru\'s leading financial institutions, has confirmed a data breach after a threat actor who hacked into its systems leaked stolen data online. [...] |
Data Breach Threat | ★★ | |
|
2024-10-30 13:34:08 | Changer la violation des soins de santé frappe 100m Américains Change Healthcare Breach Hits 100M Americans (lien direct) |
Change Healthcare dit qu'il a informé environ 100 millions d'Américains que leurs dossiers personnels, financiers et de soins de santé pourraient avoir été volés lors d'une attaque de ransomware de février 2024 qui a provoqué la plus grande violation de données jamais connue des informations de santé protégées.
Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. |
Ransomware Data Breach Medical | ★★ | |
|
2024-10-30 01:27:05 | Les politiciens italiens expriment l'alarme lors de la dernière violation de données affectant 800 000 citoyens Italian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 Citizens (lien direct) |
> Les procureurs disent que les données d'au moins 800 000 Italiens ont été compromises en violations datant de 2022 par une agence d'investigation privée.
>Prosecutors say the data of at least 800,000 Italians was compromised in breaches dating from 2022 by a private investigative agency. |
Data Breach | ★★ | |
|
2024-10-29 17:09:24 | Le FAI français confirme la cyberattaque, la violation de données affectant 19 m French ISP Confirms Cyberattack, Data Breach Affecting 19M (lien direct) |
Lors de la dernière attaque contre les FAI, le deuxième fournisseur français Free a été victime de cyberattaques inconnus qui ont tenté de vendre les données compromises qu'elle a volées à la société sur un forum de cybercriminalité souterrain.
In the latest attack against ISPs, second-largest French provider Free fell victim to unknown cyberattackers who attempted to sell the compromised data it stole from the company on an underground cybercrime forum. |
Data Breach | ★★ | |
|
2024-10-29 13:00:00 | Pourquoi la sauvegarde des données sensibles est si cruciale Why safeguarding sensitive data is so crucial (lien direct) |
> Une violation de données chez Virtual Medical Provider Confident Health met à nu la grande différence entre les informations personnellement identifiables (PII) d'une part et les données sensibles de l'autre.L'histoire a commencé lorsque la chercheuse en sécurité Jeremiah Fowler a découvert une base de données non garantie contenant 5,3 téraoctets de données exposées liées à la santé des confidents.L'entreprise fournit une dépendance [& # 8230;]
>A data breach at virtual medical provider Confidant Health lays bare the vast difference between personally identifiable information (PII) on the one hand and sensitive data on the other. The story began when security researcher Jeremiah Fowler discovered an unsecured database containing 5.3 terabytes of exposed data linked to Confidant Health. The company provides addiction […] |
Data Breach Medical | ★★ | |
|
2024-10-29 04:18:41 | Combattre l'erreur humaine: comment protéger votre entreprise contre les violations de données coûteuses Combatting Human Error: How to Safeguard Your Business Against Costly Data Breaches (lien direct) |
Ce n'est pas un secret que l'erreur humaine explique un nombre disproportionné de violations de données.L'année dernière, elle représentait 74%;Cette année, le rapport d'enquêtes sur les violations de données de Verizon 2024 a noté qu'il était passé à 76% par les mêmes critères.Indique le rapport: «Le pourcentage de violations causées par des actions d'erreur augmente & # 8230; par opposition à [...] externe [...]
It\'s no secret that human error accounts for a disproportionate number of data breaches. Last year, it accounted for 74%; this year, the Verizon 2024 Data Breach Investigations Report noted that it rose to 76% per the same criteria. States the report, “The percentage of breaches caused by Error actions is rising…as opposed to external [...] |
Data Breach | ★★★ | |
|
2024-10-28 19:33:48 | Le comté du Texas affirme que 47 000 avaient des SSN, des informations sur le traitement médical divulguées en mai cyberattaque Texas county says 47,000 had SSNs, medical treatment info leaked during May cyberattack (lien direct) |
Le comté de Wichita, au Texas, a publié des notifications de violation de données sur un incident en mai qui semble être le travail d'un gang de ransomware.
Wichita County, Texas, issued data breach notifications about an incident in May that appears to be the work of a ransomware gang. |
Ransomware Data Breach Medical | ★★★ | |
|
2024-10-28 13:45:16 | Gratuit, le deuxième plus grand FAI de France \\, confirme la violation des données après la fuite Free, France\\'s second largest ISP, confirms data breach after leak (lien direct) |
Gratuit, un grand fournisseur de services Internet (FAI) en France, a confirmé au cours du week-end que les pirates ont violé ses systèmes et volé des informations personnelles clients.[...]
Free, a major internet service provider (ISP) in France, confirmed over the weekend that hackers breached its systems and stole customer personal information. [...] |
Data Breach | ★★★ | |
|
2024-10-25 14:26:40 | Dans d'autres nouvelles: CVE a 25 ans, Henry Schein Data Breach, récompense pour Shahid Hemmat Hackers In Other News: CVE Turns 25, Henry Schein Data Breach, Reward for Shahid Hemmat Hackers (lien direct) |
> Des histoires remarquables qui auraient pu glisser sous le programme Radar: CVE célèbre le 25e anniversaire, un an après l'attaque de ransomware Henry Schein dit que 160 000 sont touchés, nous offrant des récompenses pour Shahid Hemmat Hackers.
>Noteworthy stories that might have slipped under the radar: CVE Program celebrates 25th anniversary, one year after ransomware attack Henry Schein says 160,000 are impacted, US offering rewards for Shahid Hemmat hackers. |
Ransomware Data Breach | ★★★ | |
|
2024-10-25 13:00:00 | Répondre aux préoccupations croissantes concernant la cybersécurité dans la fabrication Addressing growing concerns about cybersecurity in manufacturing (lien direct) |
> La fabrication est devenue de plus en plus dépendante de la technologie moderne, notamment des systèmes de contrôle industriel (ICS), des appareils Internet des objets (IoT) et des technologies opérationnelles (OT).Bien que ces innovations stimulent la productivité et rationalisent les opérations, elles ont largement élargi la surface de cyberattaque.Selon le coût IBM 2024 d'une violation de données & # 160; Rapport, le coût total moyen d'une violation de données dans [& # 8230;]
>Manufacturing has become increasingly reliant on modern technology, including industrial control systems (ICS), Internet of Things (IoT) devices and operational technology (OT). While these innovations boost productivity and streamline operations, they’ve vastly expanded the cyberattack surface. According to the 2024 IBM Cost of a Data Breach report, the average total cost of a data breach in […] |
Data Breach Industrial | ★★★ | |
|
2024-10-25 11:28:46 | L'administrateur Landmark révèle la violation des données impactant 800 000 personnes Landmark Admin Discloses Data Breach Impacting 800,000 People (lien direct) |
> L'administrateur d'assurance Landmark Admin indique que les informations personnelles ont été volées dans une attaque de ransomware plus tôt cette année.
>Insurance administrator Landmark Admin says personal information stolen in a ransomware attack earlier this year. |
Ransomware Data Breach | ★★★ | |
|
2024-10-25 08:43:58 | La violation des données sur les soins aux patients sur près de 800 000 personnes OnePoint Patient Care Data Breach Impacts Nearly 800,000 People (lien direct) |
> Les soins à un point de patient ont divulgué une violation de données ayant un impact sur les informations personnelles de près de 800 000 personnes.
>OnePoint Patient Care has disclosed a data breach impacting the personal information of nearly 800,000 individuals. |
Data Breach | ★★ | |
|
2024-10-24 23:54:56 | UnitedHealth affirme que les données de 100 millions de personnes volées dans le changement de violation des soins de santé UnitedHealth says data of 100 million stolen in Change Healthcare breach (lien direct) |
UnitedHealth a confirmé pour la première fois que plus de 100 millions de personnes avaient leurs informations personnelles et leurs données sur les soins de santé volées dans l'attaque des ransomwares de soins de santé du changement, marquant cela comme la plus grande violation des données de santé ces dernières années.[...]
UnitedHealth has confirmed for the first time that over 100 million people had their personal information and healthcare data stolen in the Change Healthcare ransomware attack, marking this as the largest healthcare data breach in recent years. [...] |
Ransomware Data Breach Medical | ★★★ | |
|
2024-10-24 18:15:57 | Landmark, un administrateur pour les sociétés d'assurance, indique 800 000 affectés par la violation des données Landmark, an administrator for insurance firms, says 800,000 affected by data breach (lien direct) |
Le Landmark Admin, basé au Texas, a rapporté que les intrus pouvaient accéder aux noms, aux numéros de sécurité sociale et aux numéros d'identification fiscale pour des centaines de milliers de personnes.Un nombre plus petit avait d'autres types de données exposées.
Texas-based Landmark Admin reported that intruders were able to access names, Social Security numbers and tax identification numbers for hundreds of thousands of people. A smaller number had other types of data exposed. |
Data Breach | ★★★ | |
|
2024-10-24 17:39:21 | Henry Schein révèle la violation des données un an après l'attaque du ransomware Henry Schein discloses data breach a year after ransomware attack (lien direct) |
Henry Schein a finalement divulgué une violation de données à la suite d'au moins deux cyberattaques consécutives en 2023 par le Blackcat Ransomware Gang, révélant que plus de 160 000 personnes ont été volées leurs informations personnelles.[...]
Henry Schein has finally disclosed a data breach following at least two back-to-back cyberattacks in 2023 by the BlackCat Ransomware gang, revealing that over 160,000 people had their personal information stolen. [...] |
Ransomware Data Breach | ★★ | |
|
2024-10-24 15:10:36 | L'administrateur d'assurance Landmark affirme que la violation des données a un impact sur 800 000 personnes Insurance admin Landmark says data breach impacts 800,000 people (lien direct) |
La société de services administratifs d'assurance Landmark Admin avertit qu'une violation de données a un impact sur 800 000 personnes d'une cyberattaque de mai.[...]
Insurance administrative services company Landmark Admin warns that a data breach impacts over 800,000 people from a May cyberattack. [...] |
Data Breach | ★★ | |
|
2024-10-24 13:00:00 | 3 cas d'utilisation éprouvés pour l'IA dans la cybersécurité préventive 3 proven use cases for AI in preventative cybersecurity (lien direct) |
> Le coût d'un rapport de violation de Data 2024 met en évidence une conclusion révolutionnaire: l'application de l'automatisation alimentée par l'IA dans la prévention a permis aux organisations de 2,2 millions de dollars en moyenne.Les entreprises utilisent l'IA depuis des années de détection, d'enquête et de réponse.Cependant, à mesure que les surfaces d'attaque se développent, les chefs de sécurité doivent adopter une position plus proactive.Voici trois [& # 8230;]
>IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million. Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance. Here are three […] |
Data Breach | ★★★ | |
 |
2024-10-23 11:15:00 | Internet Archive sécurise le compte Zendesk, travaille à la restauration à service complet Internet Archive Secures Zendesk Account, Works Toward Full-Service Restoration (lien direct) |
Pendant que les services de l'internet sont lentement repris, la violation de données révèle les échecs de sécurité de l'organisation à but non lucratif
While Internet Archive\'s services slowly resume, the data breach reveals the non-profit\'s security failures |
Data Breach | ★★ | |
|
2024-10-22 11:00:00 | Les impacts des attaques de phishing sur 92 000 utilisateurs de Transak Phishing Attack Impacts Over 92,000 Transak Users (lien direct) |
Une attaque de phishing ciblant les employés de Transak a conduit à une violation de données, compromettant les informations de 92 554 utilisateurs
A phishing attack targeting Transak employees led to a data breach, compromising the information of 92,554 users |
Data Breach | ★★ | |
|
2024-10-22 08:50:00 | Le géant pharmaceutique Johnson & Johnson révèle la violation des données Pharma Giant Johnson & Johnson Discloses Data Breach (lien direct) |
Johnson & # 038;Johnson a divulgué une violation de données ayant un impact sur les informations personnelles de milliers de personnes.
Johnson & Johnson has disclosed a data breach impacting the personal information of thousands of people. |
Data Breach | ★★★ | |
|
2024-10-21 20:42:53 | La société de services de paiement cryptographique affirme que plus de 92 000 personnes affectées par la violation de données Crypto payment services firm says more than 92,000 affected by data breach (lien direct) |
Le gang de ransomware Stormous a pris le crédit du vol lundi, affirmant avoir volé 300 gigaoctets de données qui comprennent «les identifiants émis par le gouvernement, la preuve d'adresse, les états financiers et les selfies des utilisateurs».
The Stormous ransomware gang took credit for the theft on Monday, claiming to have stolen 300 gigabytes of data that includes “government-issued IDs, proof of address, financial statements, and user selfies.” |
Ransomware Data Breach | ★★ | |
|
2024-10-21 10:57:41 | Près de la moitié (44%) des CISO ne parviennent pas à détecter les violations Nearly half (44%) of CISOs Fail to Detect Breaches (lien direct) |
Des 44% des CISO n'ont pas pu détecter une violation de données au cours des 12 derniers mois en utilisant des outils de sécurité existants.De plus, près des trois quarts (70%) des CISO estiment que leurs outils de sécurité actuels sont inefficaces pour détecter les violations en raison d'une visibilité limitée.Il s'agissait de deux des conclusions d'un récent rapport de Gigamon qui a interrogé [...]
A staggering 44% of CISOs were unable to detect a data breach in the last 12 months using existing security tools. Moreover, nearly three-quarters (70%) of CISOs feel their current security tools are ineffective at detecting breaches due to limited visibility. These were two of the findings of a recent report from Gigamon that surveyed [...] |
Data Breach Tool | ★★★ | |
 |
2024-10-21 10:13:48 | 21 octobre & # 8211;Rapport de renseignement sur les menaces 21st October – Threat Intelligence Report (lien direct) |
> Pour les dernières découvertes en cyber recherche pour la semaine du 21 octobre, veuillez télécharger notre bulletin de renseignement sur les menaces.Les principales attaques et violations des médecins de la santé des enfants de Boston, qui font partie du réseau hospitalier de Boston Children \\, ont subi une violation de données en septembre, exposant des informations sensibles aux patients, y compris les numéros de sécurité sociale, les dossiers médicaux et les détails de l'assurance maladie.Le [& # 8230;]
>For the latest discoveries in cyber research for the week of 21st October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Boston Children\'s Health Physicians, part of the Boston Children\'s Hospital network, suffered a data breach in September, exposing sensitive patient information, including Social Security numbers, medical records, and health insurance details. The […] |
Data Breach Threat Medical | ★★ | |
|
2024-10-18 12:37:35 | Le géant de la technologie NIDEC confirme la violation des données après une attaque de ransomware Tech giant Nidec confirms data breach following ransomware attack (lien direct) |
NIDEC Corporation informe que les pirates derrière une attaque de ransomware se sont subis plus tôt cette année des données et les ont divulguées sur le Dark Web.[...]
Nidec Corporation is informing that hackers behind a ransomware attack is suffered earlier this year stole data and leaked it on the dark web. [...] |
Ransomware Data Breach | ★★ | |
|
2024-10-18 11:56:43 | Les médecins de la santé des enfants de Boston confirment la violation des données de septembre Boston Children\\'s Health Physicians confirms September data breach (lien direct) |
BCHP - qui aide à associer les enfants avec plus de 300 médecins dans 60 bureaux régionaux à New York et au Connecticut - a déclaré que les intrus ont pris les données des patients de son réseau début septembre.
BCHP - which helps pair children with more than 300 doctors through 60 regional offices in New York and Connecticut - said intruders took patient data from its network in early September. |
Data Breach | ★★★ | |
 |
2024-10-18 10:00:00 | Récaping RAID Forums: l'endroit où les données ont été vendues au plus offrant Recapping Raid Forums: The Place Where Data Was Sold to the Highest Bidder (lien direct) |
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. From stolen personal data to entire corporate databases, Raid Forums was a digital black market where the most valuable commodities weren\'t physical goods but sensitive information. What began as a hub for online trolls quickly spiraled into a bustling marketplace where hackers auctioned off data to the highest bidder. The platform evolved into a haven for cybercriminals, with notorious figures turning stolen information into profit. But as law enforcement closed in, rookie OpSec mistakes led to this empire of deceit and data theft crumbling down. Thus, let’s take a closer look at how Raid Forums became one of the internet’s most infamous data-selling platforms, its operational model and how it all came crumbling down. Origins of Raid Forums: From Trolling to More Sinister Acts Raid Forums began in 2015 as a notorious hub for trolling and harassment, with other disruptive activities like "swatting" and DDoS attacks also being discussed and orchestrated. Nevertheless, they were considered nothing more than a gaggle of terminally online script kiddies at the time. At the center was its founder, Diogo Santos Coelho, or “Omnipotent,” a 14-year-old Portuguese national with a propensity for cybercrime. Frost and Pompompurin were two other notable admins. Initially, users would reach out to him and the rest of the community to perform mass spam attacks—raids, justifying the forum’s name. The shenanigans soon evolved—users orchestrated fake police reports, escalating the site\'s actions from online pranks to real-world disruptions in the form of online harassment campaigns and smear attacks. However, there was one major problem—these activities weren’t as profitable as Coelho as his partners in crime hoped. Shifting Goals: Transition to a Marketplace for Stolen Data As the forum\'s audience expanded, its admin team figured it was time to pivot. Thus, Raid Forums gradually transformed into a marketplace for selling stolen information, from SSNs to corporate financial records, harvested from major data breaches. This turned out to be a major boon for the site, as some of the world’s biggest freelance black hats saw Raid Forums as a suitable place to chain in on their digital loot. At the same time, Raid developed its own team of data poachers and malware devs, resulting in their escapades devolving into more sinister, more meticulous endeavors. Whether it was extracting invoice data from corporate emails to dig deeper into potential targets or | Data Breach Spam Malware Vulnerability Legislation | ★★★ |
To see everything:
Our RSS (filtrered)
